lemma × x402

Run AI without holding the keys.

x402 pays. Trust402 attaches who, by what authority, and up to how much — as proof — and stops out-of-scope payments before they're sent.

x402MCPA2A ● Discoverable in the x402 Bazaar
$ agent run --pay 0.01 GET /data
[+] ZK identity proof…
[+] role check (developer-tier)…
[+] spendLimit 0.01 ≤ 100 USDC…
[+] x402 settle 0x4a8f…e21
[+] anchor: Base Sepolia
200 OK { data: "…" }
what trust402 adds

Attach trust to the payment.

x402 settles the money. Trust402 adds provable authority, identity, and scope on top — recording who paid on behalf of whom, within what bounds, against what data.

ZK identity
who
+
role membership
under what authority
+
spend limit
up to what
+
on-chain anchor
tamper-evident trail
=
trust-verified payment
fail-closed · audit trail · independently verifiable
the failure mode

An agent holding your keys can't be stopped.

An agent with an uncapped API key keeps paying — when it runs away, when prompt injection tricks it, when it misreads an instruction. The incident reaches your logs only after the money is gone.

With Trust402, out-of-scope never executes in the first place. $500 POST → blocked

You hand your agent a card with a limit — not the keys.

● The more resources charge over x402, the more the paying side needs control.

scope

Out of scope, it never runs.

Your agent runs only within the authority you delegate. Out of scope, it stops before the call is sent — no hand-rolled guardrails.

01

Stopped before it's sent.

Calls that fail proof verification stop before they're sent (fail-closed).

fail-closed
02

Authority is declared, not coded.

Declare role, limits and scope as a proof — no authorization branches in your code.

scope: payments:autonomous
03

Every stop leaves a trail.

Every allow and every stop lands in an independently verifiable audit trail.

audit trail · verifiable
how it works

One middleware, over your existing x402 flow.

The standard stays intact. Trust402 sits as a ZK verification layer.

step 01

Present delegation proof

The agent presents the authority you delegated.

step 02

Trust402 verifies via ZK

Identity, role and limits checked cryptographically.

step 03

Settle on x402

Cleared requests settle over the untouched standard.

step 04

On-chain anchor

Every allow and stop is anchored, tamper-evident.

● 4-step flow · one middleware line (wrapFetchWithProof), done · View on GitHub →

provenance

How we prove a file is really yours.

Provenance is Lemma's core craft — not detecting fakes after the fact, but carving in authenticity the moment something is published. Three things get attached to whatever you publish.

who made it

A signature proving you're the publisher — reveal only the parts you want.

BBS+ over BLS12-381

not changed

A fingerprint that breaks if even one byte is altered.

Poseidon over BN254

which version

So an agent always cites the exact version you meant.

● Data is copied. Provenance is carved. · Verifiable Origin — how Lemma does it →

pricing

Developer plans (coming soon)

Pay (x402 authority proofs) is available through the Lemma API developer plans.

Verification is always free.
Builder
Pay as you go (PAYG). Authority proofs settle per issuance via x402 — no monthly fee.
Coming soon
Team
Flat rate + issuance quota + API discounts. For developers and teams.
Coming soon
Scale · dashboard
A managed plan with delegated registry, revocation management, an audit dashboard, and SLA.
Coming soon
Enterprise
Custom circuits, on-prem, and regulatory compliance (→ Lemma Critical / Compliance).
Coming soon

Pricing coming soon.

Ready to open up the agent economy?

Keys let an agent pay. Trusting it takes proof.